The protection of both the individuals and the financial markets with regard to cyber-attacks are considered of substantial importance.
The main focus is on products or services of supervised institutions and their underlying business processes as well as their critical assets, where the cyber-attack can lead to the failure or dysfunction. This may damage the protective goal of availability, integrity and confidentiality of information. The importance of infrastructure security was also highlighted in the
Direct transmission revision, which called for more stringent digital communication standards. Such attacks can also jeopardise the data. In parallel, reforms such as the
Banking act revision have underscored the need to align operational integrity with secure digital infrastructures.
If a cyber-attack on critical assets results in one or more of the protective goals of essential functions and the business processes are under risk - this must be reported to FINMA immediately.